Vulnerabilities > Firefly III > Firefly III > 5.8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-05 | CVE-2024-22075 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection. | 6.1 |
| 2023-04-05 | CVE-2023-1788 | Unspecified vulnerability in Firefly-Iii Firefly III Insufficient Session Expiration in GitHub repository firefly-iii/firefly-iii prior to 6. | 9.8 |
| 2023-04-01 | CVE-2023-1789 | Unspecified vulnerability in Firefly-Iii Firefly III Improper Input Validation in GitHub repository firefly-iii/firefly-iii prior to 6.0.0. | 9.8 |